Lucene search

[email protected]CVE-2001-0873

HistoryDec 21, 2001 - 5:00 a.m.

CVE-2001-0873

2001-12-2105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0873

taylor uucp package

user privileges

uuxqt

nvd

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.

CPENameOperatorVersion
ian_lance_taylor:taylor_uucpian lance taylor taylor uucpeq1.0.6

CPE	Name	Operator	Version
ian_lance_taylor:taylor_uucp	ian lance taylor taylor uucp	eq	1.0.6

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000425

marc.info/?l=bugtraq&m=100715446131820

rhn.redhat.com/errata/RHSA-2001-165.html

www.calderasystems.com/support/security/advisories/CSSA-2001-033.0.txt

www.debian.org/security/2001/dsa-079

www.novell.com/linux/security/advisories/2001_038_uucp_txt.html

www.securityfocus.com/archive/1/212892

www.securityfocus.com/bid/3312

exchange.xforce.ibmcloud.com/vulnerabilities/7099

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2001-0873

openvas2 cert1 suse1 nessus1